Prior art which is related to the technical field of network virtualization can e.g. be found in “Network Virtualization from a Signaling Perspective” by Roland Bless and Christoph Werle, Future-Net '09 International Workshop on the Network of the Future 2009 in conjunction with IEEE ICC 2009, Dresden, Jun. 16-18, 2009, “Implementing Network Virtualization for a Future Internet” by P. Papadimitriou, O. Maennel, A. Greenhalgh, A. Feldmann, and L. Mathy, 20th ITC Specialist Seminar on Network Virtualization, Hoi An, Vietnam, May 2008, as well as Request For Comments (RFC) Nos. 4461, 4655, 4657, 5305, 5810 issued by the IETF.
The following meanings for the abbreviations used in this specification apply:
CS—circuit switched
CS-IBCF—CS (domain) IBCF
CS-TrGW—CS (domain) TrGW
CSP—communication service provider
EPC—evolved packet core
Forces—forwarding and control element separation (IETF)
GLAB—German-LAB
IBCF—interconnection border control function
IMS—IP multimedia subsystem
IP—Internet protocol
NE—network element
PCE—path computation element
PCRF—policy control and charging rules function.
PIP/InP—physical infrastructure provider/infrastructure provider
QoS—quality of service
SASER—Save and Secure European routing
SIP—session initiation protocol
TrGW—transition gateway
VN—virtual network
VNO—virtual network operator
VNP—virtual network provider
In the last years, an increasing extension of communication networks, e.g. of wire based communication networks, such as the Integrated Services Digital Network (ISDN), broadband networks, and especially the Internet and other packet based networks based e.g. on the Internet Protocol (IP), Ethernet, MPLS/GMPLS (Multiprotocol Label Switching/Generalized Multiprotocol Label Switching) or related technologies and preferably using optical transmission based on SDH/SONET (Synchronous Digital Hierarchy/Synchronous Optical Networking) and/or WDM/DWDM (Wavelength Division Multiplexing/Dense Wavelength Division Multiplexing), or wireless communication networks, such as the cdma2000 (code division multiple access) system, cellular 3rd generation (3G) communication networks like the Universal Mobile Telecommunications System (UMTS), enhanced communication networks based e.g. on LTE, cellular 2nd generation (2G) communication networks like the Global System for Mobile communications (GSM), the General Packet Radio System (GPRS), the Enhanced Data Rates for Global Evolutions (EDGE), or other wireless communication system, such as the Wireless Local Area Network (WLAN) or Worldwide Interoperability for Microwave Access (WiMAX), took place all over the world. Various organizations, such as the 3rd Generation Partnership Project (3GPP), Telecoms & Internet converged Services & Protocols for Advanced Networks (TISPAN), the International Telecommunication Union (ITU), 3rd Generation Partnership Project 2 (3GPP2), Internet Engineering Task Force (IETF), the IEEE (Institute of Electrical and Electronics Engineers), the WiMAX Forum and the like are working on standards for telecommunication network and access environments.
Recent technology progress deals with network virtualization, which splits the conventional monolithically owned, used and operated networks into subsets to be used, operated and managed by different, organizationally independent control entities or organizations. Basically, network virtualization is a concept to create logical network resources, e.g. virtual nodes and virtual links, which form a virtual network, from physical resources.
The use of network virtualization promises additional flexibility and offers opportunities for deploying future network architectures. That is, network virtualization enables for the creation of logically isolated network partitions over a shared physical network infrastructure, wherein the network virtualization can be driven by the needs in, for example, an enterprise domain. Furthermore, network virtualization covers network elements and protocols that together maintain a coherent end-to-end view of a virtual network.
Basically, network virtualization is considered in 3 main sections:                Network elements: how is traffic separation and isolation of different virtual networks maintained internal to a network element for the data part and the control part;        Data path: how is traffic separation enforced across a network path;        Control plane: what extensions to protocols are needed to control and manage partitioned resources (access to NEs and between NEs).        
Considerations regarding network virtualization are made, for example, in connection with several projects, for example 4WARD (European-Union funded) and G-Lab (German national funded). Results of such projects introduced, for example, a separation into different roles regarding network virtualization, i.e. a Virtual Network Operator, VNO, role or level, a Virtual Network Provider, VNP, role or level, and a Physical Infrastructure Provider or just Infrastructure Provider, PIP/InP, role or level.
PIP/InP are infrastructure providers, e.g. large companies that own the infrastructure required to enable communication between different locations and which provide end users with access to their networks. Infrastructure providers may also enable the creation of virtual nodes and virtual links on top of and using their own physical resources and provide them to another party.
VNP is a provider which represents an intermediate party between a VNO and the infrastructure providers. The VNP is capable and equipped, for example, to compose and provide a virtual network slice as requested by a VNO from physical resources of one or more infrastructure providers. The VNO, on the other hand, can install and instantiate a network architecture using the virtual network slice and properly configure it. After the virtual network has been set up, end users may attach to it and use the service it provides. A VNO may provide a service in the virtual network by itself or allow other service providers to offer their services, e.g., an IP-TV service, inside the virtual network.
That is, the VNP is supposed to request and collect virtual resources from a PIP/InP, and to form a whole virtualized network on behalf of a VNO, which in turn operates this virtual network. In that way, the physical resources of a PIP/InP are separated and transformed into virtual resources provided to and managed by a VNP, and configured to form virtual networks finally handed over to VNOs for operation and use. In that way also the control of such virtual resources, even if implemented as shares of the same physical entities, is completely handed over to the virtual network operator using it.
Thus, with the event of network and IT virtualization, existing architectures are challenged. As such the Hypervisors are known, also Flowvisor is known, see OpenFlow (e.g., https://www.opennetworking.org/) etc. New architectures require new interfaces and/or procedures to support existing/expected services.
For example, elements such as CS-IBF and CS-TrGW will probably be disruptively replaced in the future. In connection with this example, it may happen that the Controller of the TrgGW which might be the PCRF or the SPDF may wish to manipulate the “dataplane” via an intermediate OpenFlow FlowVisor additionally to the normal VNO control plane instance.
However up to now it is not possible dynamically assign another Controller to the Flowvisor.
In this connection, it is referred to document “FlowVisor: A Network Virtualization Layer” by Rob Sherwood, Glen Gibb, Kok-Kiong Yap, Guido Appenzeller, Martin Casado, Nick McKeown and Guru Parulkar, Oct. 14, 2009 (http://OpenFlowSwitch.org/downloads/technicalreports/openflow-tr-2009-1-flowvisor.pdf), and also to RFC3476 and RFC5810.
In particular, an example is considered in which an IMS/EPC software is running in the virtual network environment. An overview over an example is illustrated in FIG. 4.
In FIG. 4, the virtual network consists a) of the transport PIP/network offering router and switches delivering connectivity to the virtual machines and b) the Telco/ATCA platforms preferably providing the user plane of the separated SGW and PGW, and c) the cloud (may it be the Communication Service Provider (CSP) Cloud (server Farm etc) or an IT Cloud (e.g. a service provider cloud) hosting the control plane of the separated SGW and PGW.
In such a case, it may be possible that the IMS/EPC control plane software running in the cloud may need to manipulate the data forwarding elements for the individual IMS session (like for instance a CS-IBCF, a P-CSCF or an IBCF which needs to control the SPDF and the BGW) above the normal transport level as being configured by the VNO controller via the corresponding FlowVisors.
Such a case is indicated in FIG. 4 by a dashed arrow which connects the CSP Cloud (e.g. assumed to contain some IMS control functionality like the CS-IBCF, IBCF, or P-CSCF like and/or etc) with the Flowvisor of the VNP. That is, this indicates that preferably it should be possible that a second controller can by assigned.
However, per definition for both OpenFlow and Forces any controlling element needs to have a secure channel allowing only preconfigured controllers to control the forwarding element. For example, this is specified in “OpenFlow Switch Specification”, Version 1.1.0 Implemented (Wire Protocol 0x02), Feb. 28, 2011 (http://vvww.openflow.org/documents/openflow-spec-v1.1.0.pdf). According to chapter 5.2 thereof, the OpenFlow Switch must establish the connection to the controller, the same is true for the FlowVisor and its controller. Within Forces again the NEs needed to be preconfigured in order to be able to establish an authorized relationship.
However, in the highly dynamic virtualized environment where the participants of the ecosystem can dynamically assign resources and in particular do not want to share the internals of their networks or it is not possible to share all Openflow or Forces interfaces/addresses with each other (e.g., between PIPs and VNOs) due to scalability reasons.
Therefore, it is desirable to provide a dynamic procedure without the need to reveal network internals to the others more than needed.